~ Security Researcher, Linux Tinkerer, Ukulele Strummer

Category Archives: Uncategorized

Answers to some of the more common questions I’ve received. If the information here doesn’t help feel free to send me an e-mail. My GPG public key is available here.

Who are you?

Machello is a fictional character from the Stargate Universe. His world was invaded by an alien species but he used his superior knowledge of science and tactics to help protect his people from them by waging a very successful guerilla war against them. More info here.

You say on your site it’s safer for me to use Linux than Windows, why is this?

There’s a number of reasons for this. Most people still use Windows including businesses so computer viruses are made for that system. Also Linux is developed as a community so when any bugs or security flaws appear in the code (which is published online) it gets picked up on and fixed very quickly. Microsoft do release updates but sometimes it can take months or years.

I’m new to all of this and would feel more comfortable sticking with Windows.

I understand how you feel. Six years ago I’d never used it either. That said the two most popular distributions Ubuntu and Linux Mint are very user friendly. Mint will play DVD’s/MP3/Farmville on Facebook out of the box. Don’t forget you can still use Windows day to day provided you keep your private activites on Linux.

OK I’m sold, where can I get Linux/

If you just want it for privacy reasons, head over to the website for TAILS Linux which you can then burn onto a DVD and boot into when you need to keep your activities private.

Is it true that the Government/Police are reading all our e-mails/Facebook posts/Tweets etc. ?

The answer seems to be a qualified yes. Recent revelations have shown that they probably didn’t want to spy on you specifically but are more than willing to hoover up your data in their bid to find terrorists and if it so happens you’ve been doing something they think is suspicious, a warrantless search isn’t beyond them either.

I’ve nothing to hide, so don’t mind the Police reading my e-mails/monitoring my online activity/inspecting my hard drive, so why should I go to all this trouble?

First, please watch this video. That should free you from the notion that talking to the Police is ever a good idea. Next please google ‘Edward Snowden’. Conspiracy theory has become Conspiracy Fact ; you’re only paranoid if you’re wrong after all. 🙂

Incidentally if you still think this is a bogus notion, try walking up to a Police Officer with a video camera in your hand, point it at them and ask, “Do you mind if I ask you a few questions?”

Only a paedophile or terrorist would want to hide their activites.

Tell that to Human Rights workers in China or freedom fighters in Syria, I’m sure they’ll appreciate the comparison.

How do I choose a good, strong password? I imagine the longer it is the better?

Size does indeed matter but so does entropy (see also my post on randomness and its importance for secure cryptography). One good and easy method to use comes from the good people at Diceware . What’s important is that you have a good mix of numbers, letters and symbols in your password. Where possible I’d also recommend the use of keyfiles.

My computer is protected with a password already. Does that make it safe?

It depends what system you’re running. For most people the answer is likely to be no. A password screen might put off a casual intruder but a determined adversary like a hacker or a Police Officer wouldn’t be slowed down very much. It is possible to encrypt your entire system with either Truecrypt if you’re running Windows or LUKS if you’re running Linux. Both Ubuntu and Linux Mint will give you the option to encrypt your entire system with a password when you’re first installing, which I strongly recommend.

Which encryption algorithm is the most secure?

If you’re unsure on this point then I would suggest sticking with AES which has become the industry standard. The other two heavyweights are called Serpent and Twofish. If you use Truecrypt or tcplay (see my post on this) then you can use all three together. The short answer is that none of these three have currently been broken. Serpent and Twofish are actually stronger than AES but don’t work as quickly.

OK, so do you have a personal favourite?

I I had to choose, probably Serpent. There’s also another Cipher called Anubis which is one I use for my most sensitive files, which was developed by the same people who created AES, although it’s stronger. Please bear in mind this is just a personal preference!

What’s the no. 1 thing I can do to keep my data safe aside from switch to Linux?

This is the point where some self styled security guru smirks and says, “Go live in a cave!” – Which is silly and unhelpful! I would suggest that you use system encryption as outlined above, also make sure that you’re the only one who uses your device if possible. Finally head on over to the Tor Project website and use their browser when you’re accessing sensitive data online.

How can I make sure my e-mails aren’t being intercepted?

It’s difficult to stop them from being intercepted but you can make the interception a moot point by using GPG to encrypt them. My favourite program for this is called GPG4USB. As the name suggests not only can you store the whole program safely on a USB stick but there are some excellent tutorials on the website which will introduce you to some of the basic concepts of public key encryption as it’s called and help you get started. If you want someone to try it out on, please feel free to send me an e-mail using my public key above.

How can I be sure that people aren’t listening to my phone calls?

This is one of those situations where I have to agree with the pony-tailed middle aged self styled gurus – you can’t. The signals on your phone are relayed back to a central processing centre before being sent elsewhere. If the Police want to listen to your calls they can just ask your phone company to start recording them.

Your best bet is to either use an encrypted VOIP solution like Ostel or RedPhone if you’re using an Android phone which will work over the internet. I am wary though about putting my voice over the airwaves. Unless there is a special reason why you need to talk to someone over voice, you consider using Off the Record Messaging such as that used by Pidgin. Implemented properly you could even use Facebook Chat or Google Hangouts safely in this way.

Which e-mail provider offers the best security?

If you look into this you’ll find there are any number of websites out there offering supposedly secure e-mail. One such provider a few years ago was Hushmail which supposedly encrypted all e-mails to and from other accounts. Unfortunately a few years later the local Police got antsy about this and Hushmail promptly handed over all the data they asked for.

What we learn from this is that a provider needs to be based outside a jurisdiction where they can be required to retain data about you or hand over e-mails. You can also help the situation by creating and using the e-mail address only via the Tor Browser (make sure you turn javascript off by following the instructions here) and make sure you encrypt the e-mails yourself (see above post about GPG), rather than relying on another company to do it for you.

What about pen and paper ciphers? Can you use them to safely send a message?

Although most classic ciphers can be broken by computers in seconds, I am still a big fan. Aside from the fact they’re fun(!) it helps you to think along the same lines as a code breaker, which helps you stay safe.

To answer your question, there’s no reason why you can’t combine a hand cipher with more modern forms of cryptography to add another layer to your security. Also you can use it to encode passwords. Even a simple Caesar Shift cipher would make sure that your password contained no ordinary words, making a dictionary attack much more difficult.

To answer the original question though, there are still hand ciphers which cannot be cracked easily by computers. The Solitaire Cipher which works using an ordinary deck of cards to generate a One Time Pad is unbreakable provided the cards are kept in the right order, are randomly shuffled and are kept out of the hands of an adversary.

Book Ciphers work by numbering the words in a piece of text and then encoding a message that way e.g if the 3rd, 17th, 29th and 67th words in a book were LET’S MEET AT EIGHT, you would write 3-17-29-67. This would be very difficult for even a supercomputer to crack without a digital copy of the book in question. As with a one time pad the security of this system depends on keeping the identity of the book a secret. The more often you change the key text the better. Of course you can increase security by penning something yourself such as a treatise on butter production in Bangladesh and only share it with those people with whom you want to communicate.

Hand ciphers can of course be sent by mail which is more difficult to intercept than asking the phone company to bug your line. If this is the way you want to communicate, I would suggest you meet up with your friends/colleagues to agree on a nomenclature e.g you could decide to give your local train station the name ‘Ruby’ so when you say in your message, MEET AT RUBY, the meaning is obvious to your friends but not to anyone else.

I’m interested in Cryptography, can you recommend any sources/links?

Certainly, I’d suggest reading Simon Singh’s Code Book which got me hooked initially as well as David Kahn’s The Codebreakers.

As promised in my previous post , I have decided to write a guide on how to use tcplay – a program which allows you to create and use Truecrypt containers without needing to use the program itself.

To understand the reasons why you would do this, it’s important to brush up on some of the recent controversy surrounding Truecrypt. To cut a long story short, it isn’t immediately clear that the downloadable versions of the Truecrypt program available from the website, represent exactly the published source code for the program. Naturally this is important to make sure there are no back doors in the software. As of Feb 2014, Truecrypt has yet to be audited to make sure this isn’t the case.

A keyfile (optional but recommended). (More info on what keyfiles are and how they keep you data safe available here).

In order to proceed, you’re going to need a “Live” USB or DVD of an Operating System (I would suggest Ubuntu Privacy Remix). Instructions to obtain the necessary disk images are available on their website. However any major distribution such as Ubuntu or Linux Mint will do. You will also need a blank DVD and disk burning software to create the Live DVD. If you’re not sure how to do this there are tutorials on their website.

Once you have your Live DVD or USB, you’ll need to insert it into your computer and boot into it.

Connect to the internet, and download one or more keyfiles that you want to use to a non persistent part of the system e.g the Desktop. It is possible to use Linux to generate keyfiles but it would be fairly obvious to anyone who saw them what they were for, which is why I suggest downloading an innocent looking file such as an mp3, jpg or pdf (see my post on ‘Truecrypt Best Practices’) for more information.

For the purposes of this tutorial I am going to assume that you have downloaded two keyfiles to use with this container, one called bubbles.jpg and the other called anthem.mp3.

N.B Do NOT save your keyfiles to the USB stick. This may be more convenient but anyone who sees them will guess what they are for and it’ll weaken your security. Ideally you should download them from the internet each time using an untraceable browser like the Tor Browser. If this isn’t possible I’d suggest keeping them on a separate drive amongst other files e.g you could use two MP3s from your music collection.

Disconnect from the internet, then open a Terminal. Don’t forget there’s no requirement for you to retype all these commands. You can copy (Ctrl + C) and paste them into the Terminal (Ctrl+left Shift+V) as you need.

Insert your USB stick and navigate to it e.g if your USB is named ‘KINGSTON’, and your username is ‘machello’ use the command:

sudo cd /media/machello/KINGSTON

Naturally you’ll need to change the username from ‘machello’ to your own username. If you’re not sure what your USB stick is called, open up the file explorer and navigate to the media folder to find out.

Now are going to create an empty container into which we can put our Truecrypt data, the following command will create a 2GB file named ‘testvol1’.sudo dd of=testvol1 bs=1G count=0 seek=2

N.B You can change the value of ‘seek’ and ‘bs’ to suit yourself. If you prefer to be more specific e.g you’d like a file named ‘testvol1’ that is 1500MB in size, you can type:

sudo dd of=testvol1 bs=1M count=0 seek=1500

Whichever you choose, you may be asked at this stage to enter your admin password if you set one up when you first booted Ubuntu. Once you’ve entered this once in the terminal, you won’t have to repeat it for the rest of this tutorial.

Next we will assign a place for our newly created volume:

sudo losetup /dev/loop0 testvol1

If you receive a message saying /dev/loop0 is busy, try substituting it for ‘/dev/loop1’, ‘/dev/loop2’ and so on until you are able to proceed. Remember this location though as you’ll need to use it in later commands.

Next we will create the encrypted container. It is possible to change pretty much all of the parameters here. I am going to assume that you want to use all three of the most popular encryption ciphers AES, Twofish and Serpent, a password and the two keyfiles we mentioned above . I’ve also chosen the Whirpool hash for our password. If you don’t know what this is, I suggest leaving this setting as is:

– It’s very important that this code is all on one line. Feel free to stick it into a text editor before pasting it into the terminal to make sure this is the case.

– The location of the keyfiles you previously downloaded on the internet may be different to the path I used for ‘keyfile’, as will your username. For instance if your username was kate and you had one keyfile named george.pdf in your downloads folder, you’d write the following command:

Once again you’ll need to amend the keyfile details in the above example accordingly or delete them altogether if you’re not using keyfiles.

Next we’ll create a filesystem for our new container. As we’re in Linux we’ll format it to ext4:

sudo mkfs.ext4 /dev/mapper/secv

Now we’re good to go. All we need to do is mount the filesystem. My preferred method is to create a folder on the desktop and link that to the container. In this example the folder will be called ‘tcmountfolder’:

sudo mkdir /home/machello/Desktop/tcmountfolder

sudo mount /dev/mapper/secv /home/machello/Desktop/tcmountfolder

sudo chmod 777 /home/machello/Desktop/tcmountfolder

Now when you close the terminal and go to the desktop you’ll see the folder and can read and write data to it as you see fit.

Once you’ve safely transferred your personal data to it, you can safely close it with the following commands :

sudo umount /home/machello/Desktop/tcmountfolder

sudo losetup /dev/loop0 testvol1

Once again you can alter these commands to take into account the currently mounted device number and the name of your container. So if for example your container was called ‘secret1’ mounted on /dev/loop1, you would type:

sudo losetup /dev/loop1 secret1
To remount the container after restarting the machine and booting back into your Live CD:

– Connect to internet and download any keyfiles you may use as applicable.

– Open the Terminal.

– Navigate to the location of your container on the USB stick as outlined above.

Assign a device to it as before:

sudo losetup /dev/loop0 testvol1

Again you need to replace ‘testvol1’ with the appropriate name of your container.

Access the container so you can put in your password and declare any keyfiles:

Create and mount a folder like before in order to be able to read from and write to the volume:

sudo mkdir /home/machello/Desktop/tcmountfolder

sudo mount /dev/mapper/secv /home/machello/Desktop/tcmountfolder

sudo chmod 777 /home/machello/Desktop/tcmountfolder

N.B The security vulnerability that’s been identified with Truecrypt relates specifically to how headers are created in volumes. As such you may want to use tcplay to create a Truecrypt volume but then use Truecrypt itself rather than the Terminal to open it up and read/write.

I have done some experimenting with Truecrypt and tcplay and believe that this is probably safe but would suggest using the command line just until the security audit is done.

There are a range of free and open source tools out there to help keep your information safe from prying eyes.

In the first instance it will be important to consider your threat model and what kind of information you want to keep safe. The alternatives I discuss here are mainly for information you want to protect within your home or business e.g financial records so aren’t particularly suitable for sending information across the internet. If you want to be able to communicate securely with other people my best advice is to use Torchat which I will touch on in another post.

LUKS

LUKS (Linux Unified Key Setup) allows you to create encrypted containers for files as well as encrypting entire USB sticks with a password via a program called Disk Utility. Once you have set the password, the system will simply prompt you for it each time you plug it back in.

There is an excellent step by step guide on how do this in TAILS (a “live” operating system which I strongly recommend to keep your data private) and newcomers to Linux will be reassured that there’s no need to use the command line, making this option ideal.

This also makes up for the inconvenience of using a “Live” system like TAILS as usually any data in the system would be lost when you shut down the computer – this way you can safely save any files or links to the stick to preserve data between sessions.

N.B When you use Disk Utility to encrypt a stick in this way, in TAILS at least the default options are AES-XTS-Plain 256 Bit. If you don’t know what this means then I would suggest sticking with these default options. If you do know what this means and/or would like another layer of security, I would suggest reading my post on using LUKS to create encrypted containers using the program ‘cryptsetup’ which allows you to choose different ciphers and key lengths. For further reading please see the Cryptsetup FAQ

LUKS can also be used to encrypt your entire Hard Drive on a Linux Machine. Although this can be done manually, the installation DVDs for both Ubuntu and Linux Mint (arguably the most user friendly flavours of Linux for beginners), allow you to choose to encrypt your hard drive with a password during setup.

GPG

While gpg is mainly known for allowing people to send each other e-mails safely it also can be used to encrypt files. This can be done from the command line but for novices I’d recommend reading the excellent guide for my favourite program GPG4USB which will allow you to encrypt and decrypt files with a few clicks of your mouse. (A step by step guide is available from the good people at Security in a Box here.) GPG4USB will run on both Windows and Linux, in case any of you are still hanging on to Windows.

TCPLAY

Another favourite program of mine. Although as stated in my previous posts, I am suspicious of Truecrypt itself and have stopped using it, tcplay is capable of creating and accessing Truecrypt containers using a stripped down version of Truecrypt’s Source code (full details here).

Unlike Truecrypt we do know the name of the developer, a lovely man named Alex Hornung, and also unlike Truecrypt, his software tcplay is free for anyone to use as they see fit.

Unfortunately the manual for tcplay is a bit thin on the ground and even contains some errors. Fortunately for you all old Machello has done some tweaking and has written a post on how to use tcplay instead of Truecrypt.

Most people concerned with privacy, have heard of the software encryption program TrueCrypt. For those of you who haven’t, by all means head on over Truecrypt.org to see what it’s all about.

Debate has been raging quite hotly on this matter and it’s worth mentioning that an audit of Truecrypt’s source code has been promised, although there’s some doubt as to whether the executable files available from Truecrypt’s main page actually represent a compiled version of the source code. To see fresh developments, please visit http://www.istruecryptauditedyet.com.

In my own case as a humble researcher, I have decided to sum up both sides of the argument and explain why I’ve decided to restrict my use of it.

Advantages:
– Truecrypt has a very easy to use interface is great for people who want to be able to protect their data quickly and easily. (Although please see my separate post – Don’t Fear the Command Line!). In particular it’s very easy to encrypt multiple files by placing them in a container. The website (link above) has some excellent step by step guides on how to do this.

– For Windows users, it’s possible to quickly encrypt your entire system so that if the device were stolen/seized it wouldn’t be possible to decrypt the data with the right password. More info on system encryption and what it can and can’t do for you here.

– Truecrypt allows you to use more than one encryption algorithm in a single volume. While the current “big three” AES, Serpent and Twofish are supposedly sufficiently robust on their own, if any of them were to be broken, you’d have the peace of mind of knowing that the other two would protect your data.

– By use of the hidden volume feature in Truecrypt you can hide your secret files in a hidden container with one password and have some plausible looking dummy files in an outer container protected with another. As such if you live in a country with oppressive laws which require you to provide your password or face jail like the UK you can safely provide the password for the outer container without compromising your truly secret files. The jury is still out on what the courts will do if Police think you have a hidden volume but cryptographically it’s virtually impossible to prove.
– Truecrypt allows you to easily set up keyfiles to open an encrypted volume in addition to a password. This dovetails nicely with the traditional security maximum of “something you have and something you know”, otherwise known as Two Factor Authentication. This is technically possible using the Linux Command line but is not as easy to implement.

– The Licence used as stated above is not free in the sense that developers cannot modify the source code to make a version of Truecrypt for a particular operating system. For this reason Truecrypt isn’t included in Debian Linux. It also isn’t very easy to make your own version either.

– For the Windows versions at least, there are some security concerns. Certain random data is saved to the “header” of a Truecrypt volume. It’s possible this is a backdoor. (If you think it isn’t possible to put a back door into publicly available code and get away with it see here). A full analysis of the exact vulnerability is available from the Ubuntu Privacy remix site.

N.B I have not touched on weaknesses such as hardware keyloggers, ‘Evil Maid’ and cold boot attacks simply because these flaws aren’t specific to Truecrypt. For a more general discussion of potential vulnerabilities when encrypting your data please see my post on “Encryption Best Practices.”

So in summary Truecrypt is only free in the sense of a brochure in your local hotel. You can’t alter it to suit your needs and you don’t necessarily know who wrote it.
Aside from the fact that it’s foolish to rely on any one program to secure all your data, Truecrypt raises many unanswered questions which is why I’ve begun to stop using it altogether. To see some alternatives for securing your data please feel free to see my post on “Alternatives to Truecrypt.”